EUVD-2026-15520

Deserialization of Untrusted Data vulnerability in AncoraThemes Melody melodyschool allows Object Injection.This issue affects Melody: from n/a through = 1.6.3...

WordPress plugin Melody 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

WordPress Melody theme <= 1.6.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Melody versions = 1.6.3...

Incorrect Authorization

Overview Affected versions of this package are vulnerable to Incorrect Authorization via the GetConfig and RefreshResource API endpoints. An attacker can access sensitive configuration data or trigger excessive reconciliations by sending requests with any non-empty Bearer token in the Authorizati...

CVE-2025-62782 InventoryGUI vulnerable to item duplication via Bundle items when using GuiStorageElement

InventoryGui is a library for creating chest GUIs for Bukkit/Spigot plugins. Versions 1.6.3-SNAPSHOT and earlier contain a vulnerability where GUIs using GuiStorageElement can allow item duplication when the experimental Bundle item feature is enabled on the server. The vulnerability is resolved ...

WordPress Nest Addons Plugin <= 1.6.3 - SQL Injection Vulnerability

SQL Injection Vulnerability discovered by Bonds in WordPress Plugin Nest Addons versions = 1.6.3...

WordPress WP Membership Plugin <= 1.6.3 - Settings Change Vulnerability

Settings Change Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WP Membership versions = 1.6.3...

WordPress plugin Fusion 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

WordPress plugin Album Gallery 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

UBUNTU-CVE-2024-56375

An integer underflow was discovered in Fort 1.6.3 and 1.6.4 before 1.6.5. A malicious RPKI repository that descends from a trusted Trust Anchor can serve via rsync or RRDP a Manifest RPKI object containing an empty fileList. Fort dereferences and, shortly afterwards, writes to this array during a...

FORT Validator 安全漏洞

FORT Validator is a NICMx open source RPKI dependency and RTR server. A security vulnerability exists in FORT Validator versions 1.6.3 and 1.6.4, which stems from the presence of an integer underflow issue...

PT-2024-34167 · Advantech · Advantech Eki-6333Ac-2G +1

Name of the Vulnerable Software and Affected Versions: Advantech EKI-6333AC-2G versions 1.6.3 and earlier Advantech EKI-6333AC-2GD versions 1.6.3 and earlier Advantech EKI-6333AC-1GPO versions 1.2.1 and earlier Description: A hard-coded credentials issue affects the backup configuration...

PT-2024-9486 · Advantech · Advantech Eki-6333Ac-2G +1

Name of the Vulnerable Software and Affected Versions: Advantech EKI-6333AC-2G versions 1.6.3 and earlier Advantech EKI-6333AC-2GD versions 1.6.3 and earlier Advantech EKI-6333AC-1GPO versions 1.2.1 and earlier Description: A security issue was discovered in the snmp apply API, where multiple...

PT-2024-9474 · Advantech · Advantech Eki-6333Ac-2G +1

Name of the Vulnerable Software and Affected Versions: Advantech EKI-6333AC-2G versions 1.6.3 and earlier Advantech EKI-6333AC-2GD versions 1.6.3 and earlier Advantech EKI-6333AC-1GPO versions 1.2.1 and earlier Description: The issue exists due to the lack of neutralization of special elements us...

PT-2024-8797 · Advantech · Advantech Eki-6333Ac-2G +1

Name of the Vulnerable Software and Affected Versions: Advantech EKI-6333AC-2G versions 1.6.3 and earlier Advantech EKI-6333AC-2GD versions 1.6.3 and earlier Advantech EKI-6333AC-1GPO versions 1.2.1 and earlier Description: The issue is related to improper neutralization of input during web page...

PT-2024-28197 · Weblizar · Weblizar Coming Soon

Name of the Vulnerable Software and Affected Versions: Weblizar Coming Soon versions 1.6.3 and earlier Description: The issue affects Weblizar Coming Soon, allowing exposure of sensitive information to an unauthorized actor due to accessing functionality not properly constrained by ACLs...

Session Fixation

KubePi is a modern Kubernetes panel. A session fixation attack allows an attacker to hijack a legitimate user session, versions 1.6.3 and below are susceptible. A patch will be released in version 1.6.4...

GHSA-CWCX-RXGC-CMW3 Prototype pollution in 101

Prototype pollution vulnerability in '101' versions 1.0.0 through 1.6.3 allows an attacker to cause a denial of service and may lead to remote code execution...